Cmu: >> Cyrus Imap Server >> 2.3.17 Security Vulnerabilities
The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.
CVSS Score
4.3
EPSS Score
0.011
Published
2011-09-14